<?php

  if (isset($_POST['submit0'])) { // If password entered...
    $word = $_POST['password']; // Variable set as entered password
    setcookie('textadmin', $word, time() + 31536000); // Cookie is set
  } else { // If password form filled in previously...
    if (isset($_COOKIE['textadmin'])) { // Check for cookie
      $word = $_COOKIE['textadmin']; // Variable set as cookie
    }
  }

  if ((isset($_POST['submit'])) && ($_POST['submit'] != 1) && ($_POST['password'] != 1)) {

    // Split filename string into array using "." separator
    $extension = explode ('.', $_FILES['upload']['name']);
    // Create new filename with original file extension added
    $filename = $filename . '.' . $extension[1];

    // Move the file from temp folder to images folder
    if (move_uploaded_file($_FILES['upload']['tmp_name'], "../images/$filename")) {
      $response = 'The file named <b>' . $filename . '</b> has been uploaded.';
      $display = '<br /><img src="../images/' . $filename . '" />';
    } else {
      $response = 'The file could not be moved.';
    }
  }

?>

<?php $thisPage = "upload"; ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Upload a file</title>
<meta name="robots" content="noindex,nofollow" />
<link rel="stylesheet" href="style.css" type="text/css" media="screen" />
</head>
<body>

<div id="wrap">

<?php

// Start password routine
  include_once('password.php');
  if ($word != $le_password) {

?>

<!-- password form //-->
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<p>
<b>Enter password:</b>
<br />
<input type="password" name="password" size="25" maxlength="25" />
<br />
<input type="submit" name="submit0" value="Submit" />
</p>
</form>
<!-- password form_eof //-->

<?php

    // Routine to display password entry error message.
    if (isset($_POST['submit0'])) {
      if ($_POST['password'] != $le_password) {
        echo '<p">Incorrect password!</p>';
      }
    }

  } else {
// End password routine

?>

<?php include_once('navigation.php'); ?>

<form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
Select file on hard drive:<br />
<input type="file" name="upload" /><br />
Name file (omit file extension):<br />
<input size="20" name="filename" maxlength="30" /><input type="hidden" name="MAX_FILE_SIZE" value="20000" /><input type="submit" name="submit" value="Submit" />
</form>

<?php echo $response; ?>
<?php echo $display; ?>

<?php

  echo '<br /><p><b>Current image files:</b></p>';
  $dirname = "../images";
  $dh = opendir($dirname);
  while (false !== ($file = readdir($dh))) {
    if ((strstr($file, '.jpg')) || (strstr($file, '.jpeg')) || (strstr($file, '.gif')) || (strstr($file, '.png'))) {
      print '<a href="../images/' . $file . '" title="View">' . $file . '</a><br />';
    }
  }
  closedir($dh);

?>

<?php

  } // Required for password routine

?>

</div>

</body>
</html>